Customers of a computing resource service provider or other service providers often store sensitive information using a variety of services provided by these service providers. To ensure the security of this sensitive information, the customers of these service providers often use cryptographic keys to encrypt the sensitive information. The cryptographic keys may be managed by these service providers, which may control access to the cryptographic keys and enable authorized users to access these cryptographic keys. However, some customers of these service providers may want to import their own cryptographic keys, which can be used to ensure the security of their sensitive information. Enabling customers to provide their own cryptographic keys is complex and may require extensive use of resources to manage while ensuring the security of these provided cryptographic keys.